One time pads work only if only the sender and receiver have a copy of the pad - and they destroy each sheet on use. Distributing the pads is hard, but often it can be done easier than the message.

Distributing a one time pad like this is a stupid idea: it isn't hard to collect everything you ever send, and it takes a computer a few ms to check every encrypted message against every possible sequence. That is breaking a distribute one time pad via shortwave like this is something a single layperson can do, it doesn't even need a government scale attacker to break it.

Don't get me wrong, this can be used for good encryption. However it isn't a one time pad they are doing, it is something more complex.

▲

pclmulqdq 4 hours ago | parent [-]

Every message is equally likely when you attempt this kind of brute-force decryption with a one-time pad. The code you get is actually 100% unbreakable if the pad isn't intercepted.

▲

BenjiWiebe 4 hours ago | parent [-]

I think there's some confusion in this thread. GGP talks about distributing the one time pad via the numbers station. GP (rightly) says that's a stupid idea.

The numbers station should be transmitting a message encoded with a one time pad. The one time pad itself should be physically given in person to the spies who you want to communicate with.

	▲	bell-cot an hour ago \| parent [-]
		Or, if one is uncertain whether to trust the courier between you and your spy - one can send two different one time pads by two different couriers. If the spy is trained to xor those pads together before using, an enemy must intercept both pads to be able to read your messages. There are many variants on this, including pads which you hope your enemy will intercept.